Michael Horowitz's Most Recent Posts

What's a surge protector to do after it can no longer provide surge protection? In a follow-up to a previous blog, APC officially stands behind their documentation that says their NET8 model will not provide unprotected power. Tripp Lite says nothing, leading credence to their own documentation which says that their ISOBAR4ULTRA does provide unprotected power after it fails.

The good news is that the BBC recently warned the British public about the dangers of Man in the Browser attacks, raising awareness of the most insidious danger with online banking. The bad news is their exclusive focus on Windows, the most-attacked operating system. I offer some simple, free suggestions for Windows users, that make online banking more secure.

The legacy approach to email, typified by Microsoft's Outlook program, permanently mated email to one computer. While cleaning up an old Windows XP laptop, so that it could be given away, I ran across a not-so-obvious flaw in this scheme. Removing all traces of email accounts requires lots of registry hacking.

What does a surge protector do after it dies? Sounds like a philosophy question, but it's actually Defensive Computing.

A recent New York Times editorial on online banking suggested that many banks are not up to the task of security. However, the editorial writer mis-understands some of the technology. Some of the defensive steps suggested in the editorial are a sham, while three major dangers were omitted entirely.

The New York Public Library website was found to be hosting malicious software.

When it comes to Wi-Fi routers, WPS is bad news. Not only does it have a design flaw that reveals the Wi-Fi password, but on some routers it can't be turned off. Older routers don't support WPS at all and thus are safer.

Windows 7 was brought to its knees by the simple act of installing application software. It needs to do a better job of defending itself, especially now that there is competition that does.

The last place you would expect to hear anything negative about backing up files, is a blog on Defensive Computing. Yet here we are.

Are you running Windows 7 without Service Pack 1? If it's not on purpose, I stumbled across some reasons why Windows Update won't install SP1.

You're online one minute, then all of a sudden, websites fail to load. What to do next? Here are some steps that can help narrow down the problem.

Viewing a particular web page with Internet Explorer, if you know what to look for, indicates whether the Windows kernel is being used to render TrueType fonts. If it is, that Windows system is vulnerable to the bug that Duqu exploited and needs to have Microsoft's temporary workaround installed ASAP.

Even if you pooh-pooh Duqu, the Windows vulnerability that it attacked can also be exploited by simply viewing a web page.

Microsoft issued a workaround for the bug that Duqu exploited to install itself. Great. But, much about the way they handled the workaround leaves a lot to be desired.

Installing the latest version of Open Office (3.3.0) may, if you're not careful, install an old, vulnerable, buggy version of Java.